Vulnerabilities > IBM > Flashsystem 900 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-04 | CVE-2020-4987 | Cross-site Scripting vulnerability in IBM Flashsystem 900 Firmware 1.4 The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. | 5.4 |
| 2018-05-29 | CVE-2018-1495 | Improper Privilege Management vulnerability in IBM Flashsystem 840 Firmware and Flashsystem 900 Firmware IBM FlashSystem V840 and V900 products could allow an authenticated attacker with specialized access to overwrite arbitrary files which could cause a denial of service. | 6.5 |